deadlock bug related to bpf,audit subsystems

Serhei Makarov smakarov at redhat.com
Thu Mar 18 16:43:03 UTC 2021


On Thu, Mar 18, 2021 at 10:43 AM Serhei Makarov <smakarov at redhat.com> wrote:
> Jiri Olsa also reports seeing a similar deadlock at v5.10. I'm in the
> middle of double-checking my bisection which ended up at a
> seemingly-unrelated commit [2]
>
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1938312
> [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.11-rc7&id=2dcb3964544177c51853a210b6ad400de78ef17d

I've confirmed that my first bisection was incorrect by testing
@1c2f67308af4 mm: thp: fix MADV_REMOVE deadlock on shmem THP
and reproducing the deadlock. Previously this commit was marked as
good, so it seems a kernel with the bug can sometimes pass the test.

I'll double check rc6 next since I have the kernel handy. If
5.11.0-rc6 can also be made to fail, with Jiri Olsa's report it'd be
necessary to do a wider search.
There may be commits with intent similar to
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8d92db5c04d103
which tightened some of the behaviour of kernel reads, but affecting
the audit subsystem?
The actual stack trace that leads to the deadlock goes through
security_locked_down(), which has been present since the original patch
reworking probe_read into separate probe_read_{user,kernel} helpers
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.11-rc7&id=6ae08ae3dea2

-- Serhei




More information about the Linux-audit mailing list